SOC Analyst L3

Abu Dhabi, United Arab Emirates

Job Description

Responsibilities:
  • Support the customer in defending, responding to, reporting on, mitigating, and restoring enterprise systems before, during, and after any attempts at exploitation.
  • Tier 2 SOC analysts pick up investigations where Tier 1 left off, pursuing all leads identified in the first phase of the incident to eliminate the possibility of false positives. What separates a Tier 1 analyst from a Tier 2 analyst is 5 years of experience and incident leadership. Tier 3 analysts act as SMEs, bringing 10 years of experience to their role.
  • Monitor the organization's SIEM and security-related devices such as firewalls, IDS, EDR, and DLP.
  • Processes data collected from various sources to assist in cyber investigations, such as system logs, application logs, firewall logs, packet captures.
  • Performs network assessments and forensic analysis when directed.
  • Assists Tier 2 and Tier 1 with cyber security related incidents and handles all incidents escalated to them.
  • Analyze internal operational architecture, tools, and procedures for ways to improve performance.
  • Collaborate with development organizations to create and deploy the tools needed to achieve objectives.
Requirements:
  • 7+ years of professional experience as a technical subject matter expert.
  • A bachelor's degree in a related field (IT, engineering) is preferred.
  • Proven experience in or knowledge of TCP/IP, MITRE ATT&CK, and the Cyber Kill Chain
  • Advanced knowledge of security management and monitoring tools such as Splunk, as well as IT ticketing systems
  • Strong working knowledge of Carbon Black EDR or another EDR product
  • Working knowledge of IT ticketing systems, case management tools such as TheHive or Resilient.
  • Good understanding of network and system architectures, HLD and LLD
  • Experience with Linux and Windows operating systems
  • In-depth knowledge of security devices and applications such as DLP, Endpoint Security (Carbon Black), and firewalls, as well as authentication services like ACL, TACACS, and RADIUS
  • Strong understanding of Change Management and Incident handling
  • Working knowledge of NIST Security Control Standards
  • Desired certifications: CEH, GCIA, CCNA, CCNP, ITIL

EDGE Group


Job Detail

  • Job Id
    JD1788222
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Abu Dhabi, United Arab Emirates
  • Education
    Not mentioned